提交 7d7ee0a4 编写于 作者: ibizdev's avatar ibizdev

ibiz4j 发布系统代码

上级 b22a9f57
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
@on-open-change="transferRefresh" @on-open-change="transferRefresh"
@on-change="dataChange" @on-change="dataChange"
v-model="dataRight" v-model="dataRight"
:style="{width:width===undefined?'586px':width}" :style="{width:width?width:'586px'}"
multiple multiple
> >
<Option class="hidden" :value="item" v-for="(item,i) in dataRight" :key="i">{{findLabel(item)}}</Option> <Option class="hidden" :value="item" v-for="(item,i) in dataRight" :key="i">{{findLabel(item)}}</Option>
...@@ -17,43 +17,23 @@ import { ElSelect } from "element-ui/types/select"; ...@@ -17,43 +17,23 @@ import { ElSelect } from "element-ui/types/select";
@Component({}) @Component({})
export default class AppTransfer extends Vue { export default class AppTransfer extends Vue {
/**
* 左侧框数据
*/
public dataLeft: any[] = [];
/**
* 右侧框数据
*/
public dataRight: any[] = [];
/** /**
* 穿梭框宽度 * 穿梭框宽度
*/
@Prop() public width: any;
/**
* 代码表服务对象
* *
* @type {CodeListService}
* @memberof AppTransfer
*/
public codeListService: CodeListService = new CodeListService({
$store: this.$store
});
/**
* 查询参数
* @type {*} * @type {*}
* @memberof AppTransfer * @memberof AppTransfer
*/ */
public queryParam: any; @Prop() public width: any;
/** /**
* 表单传入字符串值分隔符 * 表单传入字符串值分隔符
*
* @type {string}
* @memberof AppTransfer
*/ */
@Prop() public valueSeparator!: string; @Prop() public valueSeparator!: string;
/** /**
* 当前选中值 * 当前选中值
* @type {any} * @type {any}
...@@ -93,33 +73,6 @@ export default class AppTransfer extends Vue { ...@@ -93,33 +73,6 @@ export default class AppTransfer extends Vue {
*/ */
@Prop() public localParam!: any; @Prop() public localParam!: any;
/**
* 组件change事件,右侧框数据变化时
* @memberof AppTransfer
*/
dataChange(e: any) {
let _valueSeparator: any;
_valueSeparator = this.initValueSeparator(_valueSeparator);
let newVal: any;
newVal = e.join(`${_valueSeparator}`);
if (newVal) {
this.$emit("change", newVal);
} else {
this.$emit("change", null);
}
}
/**
* 初始化valueSeparator
*/
public initValueSeparator(_valueSeparator: any) {
if (this.valueSeparator === undefined) {
return ",";
} else {
return this.valueSeparator;
}
}
/** /**
* 视图上下文 * 视图上下文
* *
...@@ -138,6 +91,7 @@ export default class AppTransfer extends Vue { ...@@ -138,6 +91,7 @@ export default class AppTransfer extends Vue {
/** /**
* 是否禁用 * 是否禁用
*
* @type {any} * @type {any}
* @memberof AppTransfer * @memberof AppTransfer
* *
...@@ -145,18 +99,38 @@ export default class AppTransfer extends Vue { ...@@ -145,18 +99,38 @@ export default class AppTransfer extends Vue {
@Prop() public disabled?: any; @Prop() public disabled?: any;
/** /**
* 是否支持过滤 * placeholder
* @type {boolean} *
* @type {string}
* @memberof AppTransfer * @memberof AppTransfer
*
*/ */
@Prop() public filterable?: boolean; @Prop() public placeholder?: string;
/** /**
* 下拉选提示内容 * 左侧框数据
* @type {string} *
* @type {any[]}
* @memberof AppTransfer * @memberof AppTransfer
*/ */
@Prop() public placeholder?: string; public dataLeft: any[] = [];
/**
* 右侧框数据
*
* @type {any[]}
* @memberof AppTransfer
*/
public dataRight: any[] = [];
/**
* 代码表服务对象
*
* @type {CodeListService}
* @memberof AppTransfer
*/
public codeListService: CodeListService = new CodeListService({$store: this.$store});
/** /**
* vue 生命周期 * vue 生命周期
...@@ -167,8 +141,34 @@ export default class AppTransfer extends Vue { ...@@ -167,8 +141,34 @@ export default class AppTransfer extends Vue {
this.dataHandle(); this.dataHandle();
} }
/**
* 组件change事件,右侧框数据变化时
*
* @memberof AppTransfer
*/
dataChange(e: any) {
let _valueSeparator: string = this.initValueSeparator();
let newVal: string = e.join(`${_valueSeparator}`);
if (newVal) {
this.$emit("change", newVal);
} else {
this.$emit("change", null);
}
}
/**
* 初始化valueSeparator
*
* @memberof AppTransfer
*/
public initValueSeparator() {
return this.valueSeparator?this.valueSeparator:",";
}
/** /**
* 数据处理 * 数据处理
*
* @memberof AppTransfer
*/ */
public dataHandle() { public dataHandle() {
if (this.tag && Object.is(this.codelistType, "STATIC")) { if (this.tag && Object.is(this.codelistType, "STATIC")) {
...@@ -187,14 +187,11 @@ export default class AppTransfer extends Vue { ...@@ -187,14 +187,11 @@ export default class AppTransfer extends Vue {
// 参数处理 // 参数处理
let _context = data.context; let _context = data.context;
let _param = data.param; let _param = data.param;
this.codeListService this.codeListService.getItems(this.tag, _context, _param).then((res: any) => {
.getItems(this.tag, _context, _param)
.then((res: any) => {
this.dataLeft = res; this.dataLeft = res;
this.initLeft(); this.initLeft();
this.initRight(); this.initRight();
}) }).catch((error: any) => {
.catch((error: any) => {
console.log(`----${this.tag}----代码表不存在`); console.log(`----${this.tag}----代码表不存在`);
}); });
} }
...@@ -207,35 +204,25 @@ export default class AppTransfer extends Vue { ...@@ -207,35 +204,25 @@ export default class AppTransfer extends Vue {
* @returns * @returns
* @memberof AppTransfer * @memberof AppTransfer
*/ */
public handlePublicParams(arg: any) { public handlePublicParams(arg: any) {
// 合并表单参数 // 合并表单参数
arg.param = this.viewparams arg.param = this.viewparams? JSON.parse(JSON.stringify(this.viewparams)): {};
? JSON.parse(JSON.stringify(this.viewparams))
: {};
arg.context = this.context ? JSON.parse(JSON.stringify(this.context)) : {}; arg.context = this.context ? JSON.parse(JSON.stringify(this.context)) : {};
// 附加参数处理 // 附加参数处理
if (this.localContext && Object.keys(this.localContext).length > 0) { if (this.localContext && Object.keys(this.localContext).length > 0) {
let _context = this.$util.computedNavData( let _context = this.$util.computedNavData(this.itemValue,arg.context,arg.param,this.localContext);
this.itemValue,
arg.context,
arg.param,
this.localContext
);
Object.assign(arg.context, _context); Object.assign(arg.context, _context);
} }
if (this.localParam && Object.keys(this.localParam).length > 0) { if (this.localParam && Object.keys(this.localParam).length > 0) {
let _param = this.$util.computedNavData( let _param = this.$util.computedNavData(this.itemValue,arg.context,arg.param,this.localParam);
this.itemValue,
arg.context,
arg.param,
this.localParam
);
Object.assign(arg.param, _param); Object.assign(arg.param, _param);
} }
} }
/** /**
* 初始化左侧框数据 * 初始化左侧框数据
*
* @memberof AppTransfer
*/ */
public initLeft() { public initLeft() {
let left: any[] = []; let left: any[] = [];
...@@ -250,12 +237,15 @@ export default class AppTransfer extends Vue { ...@@ -250,12 +237,15 @@ export default class AppTransfer extends Vue {
}); });
}); });
} }
/** /**
* 初始化右侧框数据 * 初始化右侧框数据
*
* @memberof AppTransfer
*/ */
public initRight() { public initRight() {
let _valueSeparator: any; let _valueSeparator: any;
_valueSeparator = this.initValueSeparator(_valueSeparator); _valueSeparator = this.initValueSeparator();
let _data: any = this.itemValue; let _data: any = this.itemValue;
if (_data) { if (_data) {
let _dataRight: any = []; let _dataRight: any = [];
...@@ -270,8 +260,11 @@ export default class AppTransfer extends Vue { ...@@ -270,8 +260,11 @@ export default class AppTransfer extends Vue {
this.dataRight = _dataRight; this.dataRight = _dataRight;
} }
} }
/** /**
* 穿梭框打开时刷新数据 * 穿梭框打开时刷新数据
*
* @memberof AppTransfer
*/ */
public transferRefresh(e: any) { public transferRefresh(e: any) {
if (e && this.codelistType === "DYNAMIC") { if (e && this.codelistType === "DYNAMIC") {
...@@ -282,12 +275,15 @@ export default class AppTransfer extends Vue { ...@@ -282,12 +275,15 @@ export default class AppTransfer extends Vue {
/** /**
* 找到dataLeft中key与dataRight中item相等的元素,返回label * 找到dataLeft中key与dataRight中item相等的元素,返回label
*
* @memberof AppTransfer
*/ */
public findLabel(item: any) { public findLabel(item: any) {
for (const elem of this.dataLeft) { for (const elem of this.dataLeft) {
if (elem.key === item) return elem.label; if (elem.key === item) return elem.label;
} }
} }
} }
</script> </script>
......
...@@ -230,6 +230,7 @@ ...@@ -230,6 +230,7 @@
style="" style=""
@change="($event)=>{gridEditItemChange(row, column.property, $event, $index)}"> @change="($event)=>{gridEditItemChange(row, column.property, $event, $index)}">
</dropdown-list> </dropdown-list>
</app-form-item> </app-form-item>
</template> </template>
<template v-if="!actualIsOpenEdit"> <template v-if="!actualIsOpenEdit">
......
package cn.ibizlab.core.extensions.service;
import cn.ibizlab.core.ou.service.impl.IBZEmployeeServiceImpl;
import lombok.extern.slf4j.Slf4j;
import cn.ibizlab.core.ou.domain.IBZEmployee;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.context.annotation.Primary;
/**
* 实体[人员] 自定义服务对象
*/
@Slf4j
@Primary
@Service("IBZEmployeeServiceEx")
public class IBZEmployeeServiceEx extends IBZEmployeeServiceImpl {
@Override
protected Class currentModelClass() {
return com.baomidou.mybatisplus.core.toolkit.ReflectionKit.getSuperClassGenericType(this.getClass().getSuperclass(), 1);
}
/**
* 自定义行为[InitPwd]用户扩展
* @param et
* @return
*/
@Override
@Transactional
public IBZEmployee initPwd(IBZEmployee et) {
return et;
}
}
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZDEPT",resultMap = "IBZDepartmentResultMap") @TableName(value = "IBZDEPT",resultMap = "IBZDepartmentResultMap")
public class IBZDepartment extends EntityMP implements Serializable { public class IBZDepartment extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZDEPTMEMBER",resultMap = "IBZDeptMemberResultMap") @TableName(value = "IBZDEPTMEMBER",resultMap = "IBZDeptMemberResultMap")
public class IBZDeptMember extends EntityMP implements Serializable { public class IBZDeptMember extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZEMP",resultMap = "IBZEmployeeResultMap") @TableName(value = "IBZEMP",resultMap = "IBZEmployeeResultMap")
public class IBZEmployee extends EntityMP implements Serializable { public class IBZEmployee extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZORG",resultMap = "IBZOrganizationResultMap") @TableName(value = "IBZORG",resultMap = "IBZOrganizationResultMap")
public class IBZOrganization extends EntityMP implements Serializable { public class IBZOrganization extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZPOST",resultMap = "IBZPostResultMap") @TableName(value = "IBZPOST",resultMap = "IBZPostResultMap")
public class IBZPost extends EntityMP implements Serializable { public class IBZPost extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZTEAM",resultMap = "IBZTeamResultMap") @TableName(value = "IBZTEAM",resultMap = "IBZTeamResultMap")
public class IBZTeam extends EntityMP implements Serializable { public class IBZTeam extends EntityMP implements Serializable {
......
...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP; ...@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter @Getter
@Setter @Setter
@NoArgsConstructor @NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties(value = "handler") @JsonIgnoreProperties(value = "handler")
@TableName(value = "IBZTEAMMEMBER",resultMap = "IBZTeamMemberResultMap") @TableName(value = "IBZTEAMMEMBER",resultMap = "IBZTeamMemberResultMap")
public class IBZTeamMember extends EntityMP implements Serializable { public class IBZTeamMember extends EntityMP implements Serializable {
......
...@@ -22,4 +22,9 @@ public class IBZUAAFallback implements IBZUAAFeignClient { ...@@ -22,4 +22,9 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
public AuthenticationUser loginByUsername(String username) { public AuthenticationUser loginByUsername(String username) {
return null; return null;
} }
@Override
public String getPublicKey() {
return null;
}
} }
...@@ -2,6 +2,7 @@ package cn.ibizlab.util.client; ...@@ -2,6 +2,7 @@ package cn.ibizlab.util.client;
import cn.ibizlab.util.security.AuthenticationUser; import cn.ibizlab.util.security.AuthenticationUser;
import cn.ibizlab.util.security.AuthorizationLogin; import cn.ibizlab.util.security.AuthorizationLogin;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.cloud.openfeign.FeignClient; import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
...@@ -28,4 +29,8 @@ public interface IBZUAAFeignClient ...@@ -28,4 +29,8 @@ public interface IBZUAAFeignClient
@PostMapping(value = "/uaa/loginbyusername") @PostMapping(value = "/uaa/loginbyusername")
AuthenticationUser loginByUsername(@RequestBody String username); AuthenticationUser loginByUsername(@RequestBody String username);
@Cacheable(value="ibzuaa_publickey")
@GetMapping(value = "/uaa/publickey")
String getPublicKey();
} }
package cn.ibizlab.util.security; package cn.ibizlab.util.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Clock;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClock;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import java.io.Serializable; public interface AuthTokenUtil {
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.function.Function;
@Component String generateToken(UserDetails userDetails);
public class AuthTokenUtil implements Serializable {
private static final long serialVersionUID = -3301605591108950415L; Boolean validateToken(String token, UserDetails userDetails);
private Clock clock = DefaultClock.INSTANCE;
@Value("${ibiz.jwt.secret:ibzsecret}") String getUsernameFromToken(String token);
private String secret;
@Value("${ibiz.jwt.expiration:7200000}")
private Long expiration;
@Value("${ibiz.jwt.header:Authorization}")
private String tokenHeader;
public String getUsernameFromToken(String token) {
return getClaimFromToken(token, Claims::getSubject);
}
public Date getIssuedAtDateFromToken(String token) {
return getClaimFromToken(token, Claims::getIssuedAt);
}
public Date getExpirationDateFromToken(String token) {
return getClaimFromToken(token, Claims::getExpiration);
}
public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
final Claims claims = getAllClaimsFromToken(token);
return claimsResolver.apply(claims);
}
private Claims getAllClaimsFromToken(String token) {
return Jwts.parser()
.setSigningKey(secret)
.parseClaimsJws(token)
.getBody();
}
private Boolean isTokenExpired(String token) {
final Date expiration = getExpirationDateFromToken(token);
return expiration.before(clock.now());
}
private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) {
return (lastPasswordReset != null && created.before(lastPasswordReset));
}
private Boolean ignoreTokenExpiration(String token) {
// here you specify tokens, for that the expiration is ignored
return false;
}
public String generateToken(UserDetails userDetails) {
Map<String, Object> claims = new HashMap<>();
return doGenerateToken(claims, userDetails.getUsername());
}
private String doGenerateToken(Map<String, Object> claims, String subject) {
final Date createdDate = clock.now();
final Date expirationDate = calculateExpirationDate(createdDate);
return Jwts.builder()
.setClaims(claims)
.setSubject(subject)
.setIssuedAt(createdDate)
.setExpiration(expirationDate)
.signWith(SignatureAlgorithm.HS512, secret)
.compact();
}
public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) {
final Date created = getIssuedAtDateFromToken(token);
return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset)
&& (!isTokenExpired(token) || ignoreTokenExpiration(token));
}
public String refreshToken(String token) {
final Date createdDate = clock.now();
final Date expirationDate = calculateExpirationDate(createdDate);
final Claims claims = getAllClaimsFromToken(token);
claims.setIssuedAt(createdDate);
claims.setExpiration(expirationDate);
return Jwts.builder()
.setClaims(claims)
.signWith(SignatureAlgorithm.HS512, secret)
.compact();
}
public Boolean validateToken(String token, UserDetails userDetails) {
AuthenticationUser user = (AuthenticationUser) userDetails;
final Date created = getIssuedAtDateFromToken(token);
return (!isTokenExpired(token) );
}
private Date calculateExpirationDate(Date createdDate) {
return new Date(createdDate.getTime() + expiration);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public static Optional<String> getCurrentUserLogin() {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> {
if (authentication.getPrincipal() instanceof UserDetails) {
UserDetails springSecurityUser = (UserDetails) authentication.getPrincipal();
return springSecurityUser.getUsername();
} else if (authentication.getPrincipal() instanceof String) {
return (String) authentication.getPrincipal();
}
return null;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public static boolean isAuthenticated() {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> authentication.getAuthorities().stream()
.noneMatch(grantedAuthority -> grantedAuthority.getAuthority().equals("ANONYMOUS")))
.orElse(false);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public static boolean isCurrentUserInRole(String authority) {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> authentication.getAuthorities().stream()
.anyMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(authority)))
.orElse(false);
}
} }
package cn.ibizlab.util.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Clock;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClock;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.function.Function;
@Component
@ConditionalOnExpression("(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:UAATokenUtil}'.equals('SimpleTokenUtil')")
public class SimpleTokenUtil implements AuthTokenUtil,Serializable {
private static final long serialVersionUID = -3301605591108950415L;
private Clock clock = DefaultClock.INSTANCE;
@Value("${ibiz.jwt.secret:ibzsecret}")
private String secret;
@Value("${ibiz.jwt.expiration:7200000}")
private Long expiration;
@Value("${ibiz.jwt.header:Authorization}")
private String tokenHeader;
public String getUsernameFromToken(String token) {
return getClaimFromToken(token, Claims::getSubject);
}
public Date getIssuedAtDateFromToken(String token) {
return getClaimFromToken(token, Claims::getIssuedAt);
}
public Date getExpirationDateFromToken(String token) {
return getClaimFromToken(token, Claims::getExpiration);
}
public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
final Claims claims = getAllClaimsFromToken(token);
return claimsResolver.apply(claims);
}
private Claims getAllClaimsFromToken(String token) {
return Jwts.parser()
.setSigningKey(secret)
.parseClaimsJws(token)
.getBody();
}
private Boolean isTokenExpired(String token) {
final Date expiration = getExpirationDateFromToken(token);
return expiration.before(clock.now());
}
private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) {
return (lastPasswordReset != null && created.before(lastPasswordReset));
}
private Boolean ignoreTokenExpiration(String token) {
// here you specify tokens, for that the expiration is ignored
return false;
}
public String generateToken(UserDetails userDetails) {
Map<String, Object> claims = new HashMap<>();
return doGenerateToken(claims, userDetails.getUsername());
}
private String doGenerateToken(Map<String, Object> claims, String subject) {
final Date createdDate = clock.now();
final Date expirationDate = calculateExpirationDate(createdDate);
return Jwts.builder()
.setClaims(claims)
.setSubject(subject)
.setIssuedAt(createdDate)
.setExpiration(expirationDate)
.signWith(SignatureAlgorithm.HS512, secret)
.compact();
}
public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) {
final Date created = getIssuedAtDateFromToken(token);
return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset)
&& (!isTokenExpired(token) || ignoreTokenExpiration(token));
}
public String refreshToken(String token) {
final Date createdDate = clock.now();
final Date expirationDate = calculateExpirationDate(createdDate);
final Claims claims = getAllClaimsFromToken(token);
claims.setIssuedAt(createdDate);
claims.setExpiration(expirationDate);
return Jwts.builder()
.setClaims(claims)
.signWith(SignatureAlgorithm.HS512, secret)
.compact();
}
public Boolean validateToken(String token, UserDetails userDetails) {
AuthenticationUser user = (AuthenticationUser) userDetails;
final Date created = getIssuedAtDateFromToken(token);
return (!isTokenExpired(token) );
}
private Date calculateExpirationDate(Date createdDate) {
return new Date(createdDate.getTime() + expiration);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public static Optional<String> getCurrentUserLogin() {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> {
if (authentication.getPrincipal() instanceof UserDetails) {
UserDetails springSecurityUser = (UserDetails) authentication.getPrincipal();
return springSecurityUser.getUsername();
} else if (authentication.getPrincipal() instanceof String) {
return (String) authentication.getPrincipal();
}
return null;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public static boolean isAuthenticated() {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> authentication.getAuthorities().stream()
.noneMatch(grantedAuthority -> grantedAuthority.getAuthority().equals("ANONYMOUS")))
.orElse(false);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public static boolean isCurrentUserInRole(String authority) {
SecurityContext securityContext = SecurityContextHolder.getContext();
return Optional.ofNullable(securityContext.getAuthentication())
.map(authentication -> authentication.getAuthorities().stream()
.anyMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(authority)))
.orElse(false);
}
}
package cn.ibizlab.util.security;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Clock;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClock;
import lombok.SneakyThrows;
import cn.ibizlab.util.client.IBZUAAFeignClient;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import java.io.File;
import java.io.FileInputStream;
import java.io.Serializable;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;
@Component
@ConditionalOnExpression("${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:UAATokenUtil}'.equals('UAATokenUtil')")
public class UAATokenUtil implements AuthTokenUtil, Serializable {
private static final long serialVersionUID = -3301605591108950415L;
private Clock clock = DefaultClock.INSTANCE;
@Value("${ibiz.jwt.secret:ibzsecret}")
private String secret;
@Value("${ibiz.jwt.expiration:7200000}")
private Long expiration;
@Value("${ibiz.jwt.header:Authorization}")
private String tokenHeader;
@Autowired
private IBZUAAFeignClient uaaFeignClient;
public String getUsernameFromToken(String token) {
return getClaimFromToken(token, Claims::getSubject);
}
public Date getIssuedAtDateFromToken(String token) {
return getClaimFromToken(token, Claims::getIssuedAt);
}
public Date getExpirationDateFromToken(String token) {
return getClaimFromToken(token, Claims::getExpiration);
}
public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
final Claims claims = getAllClaimsFromToken(token);
return claimsResolver.apply(claims);
}
public Claims getAllClaimsFromToken(String token) {
PublicKey publicKey = getPublicKey(getPublicKeyString());
return Jwts.parser()
.setSigningKey(publicKey)
.parseClaimsJws(token)
.getBody();
}
private Boolean isTokenExpired(String token) {
final Date expiration = getExpirationDateFromToken(token);
return expiration.before(clock.now());
}
public String generateToken(UserDetails userDetails) {
return null;
}
public Boolean validateToken(String token, UserDetails userDetails) {
AuthenticationUser user = (AuthenticationUser) userDetails;
final Date created = getIssuedAtDateFromToken(token);
return (!isTokenExpired(token) );
}
private String getPublicKeyString(){
return uaaFeignClient.getPublicKey();
}
/**
* 获取PublicKey对象
* @param publicKeyBase64
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
@SneakyThrows
public PublicKey getPublicKey(String publicKeyBase64) {
byte[] byteKey = Base64.decodeBase64(publicKeyBase64);
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(byteKey);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePublic(x509EncodedKeySpec);
}
}
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册